Audit Open Original ↗
Offchain Token Bridge Creator
Type
Security review
Client
Offchain Labs
Date
2023-12
Domain
Blockchain
Effort
6 wks
Section
Offchain Labs
Trail of Bits's security review of Offchain Labs (Dec 2023) identified 8 issues: 1 high, 2 medium, 3 low, and 2 informational.
Findings · 8
- 1 L2 runtime code does not contain constructor code Informational
- 2 L2 token bridge contract deployment can be griefed High
- 3 Incorrect L2 Multicall address predicted Low
- 4 Rollup owner is assumed to be an EOA Informational
- 5 Depositing before the token bridge is fully deployed can result in loss of funds Medium
- 6 Dangerous aliasing assumption Low
- 7 Unclear decimal units of provided amounts Low
- 8 Token values in DeployHelper are not adjusted to token decimals Medium
Findings extracted from the published report PDF. See the full report below for details and remediation.
Related
- 2026-02 Offchain Labs Arbitrum Quorum Changes Audit
- 2026-01 Offchain Labs Arbitrum Nitro External DA Audit
- 2025-12 Offchain Labs Arbitrum ArbOS 50 and 51 (Fusaka) Audit
- 2025-12 Offchain Labs Arbitrum Chains Genesis File Generator Audit
- 2025-07 Offchain Labs Upgrade Executor Audit
- 2025-06 Offchain SetCoreGovernorQuorumAction Audit